Thirteen additional countries have joined a European initiative designed to help private sector firms protect themselves from damaging ransomware attacks.
Launched just three months ago by Europol, Kaspersky Lab and Intel Security, the No More Ransom initiative seeks to create new partnerships between private sector companies and law enforcement agencies, encouraging them to work together to take on the hackers behind this growing form of cybercrime.
The new members of the growing coalition are Britain, Ireland, France, Spain, Bosnia and Herzegovina, Bulgaria, Colombia, Hungary, Italy, Latvia, Lithuania, Portugal and Switzerland. According to Kaspersky Lab, more countries are expected to sign up to the initiative over the coming months.
Supported by the European Commission and Eurojust, the project offers a web portal that provides advice on how to prevent, deal with, and recover from a ransomware attack. The site helped more than 2,500 ransomware victims decrypt their data and files without having to hand over any money to the cybercriminals who hacked their systems during the first two months after it launched, Kaspersky Lab claims.
The site currently offers three decryption tools; the WildfireDecryptor, the RannohDecryptor and the RakhniDecryptor. In a statement, Kaspersky Lab urged law enforcement agencies and businesses to pool resources so as more decryption tools can be developed.
“The fight against ransomware succeeds best when law enforcement agencies and the private sector join forces,” commented Kaspersky Lab’s Jornt van der Wiel. “Researchers can offer broader malware analysis and services like internet scanning, helping to find connections between different items of data. This enables the police to locate and seize the servers used to manage the attack.”
Ransomware is a form of malware that locks and encrypts a company or an individual’s data, before demanding a payment for its release. More advanced forms of ransomware can threaten to begin deleting data and files if a payment is not made within a specified timeframe.
The hackers behind these types of attacks often gain access to company networks by tricking employees of businesses into opening infected files or clicking on fake links. Once ransomware has found its way onto a firm’s IT system and locked its data, the business concerned could be brought to a complete standstill if its files are not backed up to a separate location.
Payment in ransomware attacks is typically requested in cryptocurrencies such as bitcoin, which can make it much harder for police to track down perpetrators when a payment is made. While many law enforcement agencies including the FBI recommend that victims refuse to pay up when they are targeted in ransomware attacks, many businesses feel as though they have little option but to do so when faced with the immediate consequences of data loss.